IN THE COURT OF CHANCERY OF THE STATE OF DELAWARE MICHAEL REITER, Derivatively on ) Behalf of CAPITAL ONE FINANCIAL ) CORPORATION, ) ) Plaintiff, ) v. ) ) C.A. No. 11693-CB RICHARD D. FAIRBANK, PATRICK ) W. GROSS, LEWIS HAY, III, MAYO ) A. SHATTUCK III, ANN FRITZ ) HACKETT, PIERRE E. LEROY, ) BRADFORD H. WARNER, PETER E. ) RASKIND, BENJAMIN P. JENKINS, ) III, and CATHERINE G. WEST, ) ) Defendants, ) and ) ) CAPITAL ONE FINANCIAL ) CORPORATION, a Delaware ) corporation, ) Nominal Defendant. ) )
MEMORANDUM OPINION Date Submitted: July 22, 2016 Date Decided: October 18, 2016 Blake A. Bennett, COOCH AND TAYLOR, P.A., Wilmington, Delaware; Brian J. Robbins, George C. Aguilar and Jay N. Razzouk, ROBBINS ARROYO LLP, San Diego, California, Attorneys for Plaintiff. S. Mark Hurd, Richard Li and Dean J. Shauger, MORRIS, NICHOLS, ARSHT & TUNNELL LLP, Wilmington, Delaware; Maeve L. O’Connor, DEBEVOISE & PLIMPTON LLP, New York, New York; Jonathan R. Tuttle and Anna A. Moody, DEBEVOISE & PLIMPTON LLP, Washington, District of Columbia, Attorneys for Defendants and Nominal Defendant. BOUCHARD, C. In this derivative action, a stockholder of Capital One Financial Corporation
asserts that its directors breached their fiduciary duty of loyalty and unjustly
enriched themselves by consciously disregarding their responsibility to oversee
Capital One’s compliance with the Bank Secrecy Act and other anti-money
laundering laws (“BSA/AML”). Plaintiff’s central allegation is that the directors
ignored red flags that Capital One’s BSA/AML compliance program failed to
satisfy statutory requirements relating to services Capital One provided to clients
engaged in check cashing, a business that poses an inherent risk for money
laundering.
Before filing this action, plaintiff prudently sought and obtained books and
records from Capital One under 8 Del. C. § 220. Those documents, which are
incorporated into the complaint, show that the board’s Audit and Risk Committee
and its successor committees received at least twenty-five reports over a three-and-
a-half-year period explaining the company’s BSA/AML compliance risk, which
escalated from “low” in early 2011 to “high” in early 2013, where it remained in
2014. Significantly, those same reports explained to the directors in meaningful
detail on a regular basis the initiatives management was taking to ameliorate
Capital One’s BSA/AML compliance risk, including management’s decision in
early 2014 to exit the check cashing business altogether, and none of those reports
reflected that the Company’s BSA/AML controls and procedures had been found
1 to violate statutory requirements or that anyone within Capital One had engaged in
fraudulent or illegal conduct.
Defendants have moved to dismiss the complaint under Court of Chancery
Rule 12(b)(6) for failure to state a claim for relief, and under Rule 23.1 for failure
to make a demand on the board before filing suit. As to the latter issue, plaintiff
contends that demand would have been futile because all ten members of Capital
One’s board when suit was filed, including nine outside directors whose
independence is unquestioned, face a substantial likelihood of personal liability for
the underlying claims.
The standard under Delaware law for imposing oversight liability on a
director is an exacting one that requires evidence of bad faith, meaning that “the
directors knew that they were not discharging their fiduciary obligations.” 1 For the
reasons explained below, I conclude after carefully reviewing the allegations of the
complaint and the documents incorporated therein, that plaintiff has failed to allege
facts from which it reasonably may be inferred that the defendants consciously
allowed Capital One to violate BSA/AML statutory requirements so as to
demonstrate that they acted in bad faith. Plaintiff thus has failed to plead with
particularity that a majority of Capital One’s directors face a substantial likelihood
1 Stone v. Ritter, 911 A.2d 362, 370 (Del. 2006).
2 of liability for the claims asserted in this case. Accordingly, demand would not
have been futile and the complaint will be dismissed with prejudice.
I. BACKGROUND
Unless noted otherwise, the facts recited in this opinion are based on the
allegations in the Verified Stockholder Derivative Complaint (the “Complaint”)
and the documents incorporated therein.2
A. The Parties
Capital One Financial Corporation (“Capital One” or the “Company”) is a
Delaware corporation headquartered in Virginia. It offers a broad spectrum of
financial products and services through its banking and non-banking subsidiaries.
The defendants were the ten members of Capital One’s board of directors
when plaintiff filed this action: Richard D. Fairbank, Patrick W. Gross, Lewis Hay,
III, Mayo A. Shattuck III, Ann Fritz Hackett, Pierre E. Leroy, Bradford H. Warner,
Peter E. Raskind, Benjamin P. Jenkins, III, and Catherine G. West. Fairbank, the
President and Chief Executive Officer of Capital One, was the only employee
director on the board.
In May 2013, the Audit and Risk Committee of Capital One’s board of
directors was split into two separate committees: the Risk Committee and the
2 I consider these documents in accordance with the incorporation-by-reference doctrine discussed below. See Part II.A.1.
3 Audit Committee. All defendants except Fairbank served on Capital One’s Audit
and Risk Committee or at least one of its two successor committees at some point
between June 2011 and January 2015, the time period relevant to this case.3
Plaintiff Michael Reiter alleges he was a stockholder of Capital One at the
time of the “wrongdoing complained of” and has been a stockholder continuously
since then.4
B. Capital One Begins Servicing Check Cashing Businesses
In December 2006, Capital One acquired North Fork Bancorporation, Inc.
and began providing banking services to check cashing and related money services
businesses in New York and New Jersey. The year before the acquisition, North
Fork entered into a memorandum of understanding with the Federal Deposit
Insurance Corporation and the New York State Banking Department concerning
weaknesses in North Fork’s program to comply with anti-money laundering laws
and the Bank Secrecy Act of 1970. As a result of the acquisition, Capital One
assumed North Fork’s obligations under the memorandum of understanding.
According to a 2014 report, Capital One considered exiting the business of
serving check cashers after the North Fork acquisition, but the New York State
Department of Financial Services encouraged the Company “to keep the business
3 Compl. ¶¶ 12-21. 4 Id. ¶ 10.
4 to serve the unbanked and underbanked.” 5 Capital One continued to serve check
cashing businesses in the decade following its acquisition of North Fork.
C. Regulatory Scrutiny of Check Cashing Businesses
Check cashing businesses are a significant focus of anti-money laundering
laws and regulations (“AML”), including the Bank Secrecy Act of 1970 (“BSA”)
(together, as defined above, the “BSA/AML”).
The Bank Secrecy Act of 1970, 6 as amended, requires financial institutions
in the United States to assist government agencies to detect and prevent money
laundering activities. It “establishes program, recordkeeping, and reporting
requirements for national banks, federal savings associations, federal branches, and
agencies of foreign banks.”7 The implementing regulations of the BSA impose
various requirements on financial institutions, including:
• Maintaining a system of internal controls to ensure ongoing BSA/AML
compliance and independent testing for compliance;
• Designating an individual responsible for coordinating and monitoring
day-to-day compliance;
• Providing training for appropriate personnel; 5 Id. ¶ 46 (quoting Capital One’s Commercial Banking: Compliance and Reputation Risk Management report to the Risk Committee, dated June 11, 2014). 6 31 U.S.C. 5311 et seq. 7 Compl. ¶ 33.
5 • Filing Suspicious Activity Reports (“SARs”) when certain suspected
violations of federal law or regulation are detected; and
• Implementing a written Customer Identification Program appropriate for
the bank’s size and risk profile.
In 2005, six regulatory agencies issued the Interagency Interpretive
Guidance on Providing Banking Services to Money Services Businesses Operating
in the United States setting forth guidelines for financial institutions, such as
Capital One, to incorporate into their BSA/AML programs. Those guidelines
include certain minimum internal policies, procedures, and controls relating to
providing banking services to check cashing businesses. In 2010, regulators jointly
released guidance concerning BSA/AML compliance stating that:
The cornerstone of a strong Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program is the adoption and implementation of internal controls . . . . The requirement that a financial institution know its customers, and the risks presented by its customers, is basic and fundamental to the development and implementation of an effective BSA/AML compliance program. 8
According to the Complaint, to comply with United States anti-money
laundering laws and regulations, Capital One’s BSA/AML program must include
standards and guidelines, approved by the board, regarding “whether to close a
suspicious account and when to report suspicious activity, or activity known by the
8 Id. ¶ 49.
6 Company to be under investigation or in violation of the U.S. anti-money
laundering regime, via SARs.”9 The Complaint further alleges that Capital One
must establish an internal control system that ensures the board “is informed of
compliance deficiencies, BSA/AML program deficiencies, corrective action taken,
and SARs filed related to all of the foregoing.”10
As new BSA/AML regulations and guidance have been issued, regulators
have stepped up their enforcement efforts. In 2005, the Financial Crimes
Enforcement Network (“FinCEN”) fined ABN Amro $40 million “because ABN’s
New York branch failed to set up an adequate Bank Secrecy Act program,
including an anti-money laundering system.” 11 Several months later, FinCEN
fined BankAtlantic $10 million for similar violations. In 2007, The Wall Street
Journal reported that BSA/AML-related fines over the preceding two years totaled
at least $87 million, compared to $1 million in 2001 and 2002.
D. Capital One’s Directors Receive Regular Reports on the Company’s BSA/AML Program
Providing commercial banking services to check cashing businesses,
particularly in New York’s urban area, presents an inherent risk for violating anti-
money laundering laws and regulations. As stated in a June 2011 report to the 9 Id. ¶ 42. 10 Id. 11 Id. ¶ 48.
7 Audit and Risk Committee, the Company’s “Bank Segment . . . features high risk
products and services, a large branch network located in high intensity drug
trafficking and metropolitan areas, and a high risk customer base that includes
most large New York check cashing businesses.”12
Capital One’s Audit and Risk Committee, and later its separate Audit
Committee and Risk Committee, received regular reports from management
regarding the Company’s BSA/AML compliance program from June 2011 to
January 2015, the time period relevant to this action. 13 The Complaint cites to and
quotes extensively from at least twenty-five such reports, which include quarterly
Enterprise State of Compliance reports,14 Enterprise Risk Profile reports,15 periodic
Compliance Risk Updates,16 and various other AML program assessments and
updates. 17 The committee members also received updates on regulatory
12 Id. ¶ 51 (quoting Capital One’s 1Q 2011 Enterprise State of Compliance report dated June 2011). 13 Id. ¶ 95. 14 See id. ¶¶ 51, 52, 55, 57, 61, 63, 68, 70, 77. 15 See id. ¶¶ 62, 66, 71, 74, 76. 16 See id. ¶¶ 53, 56. 17 E.g., Chief Risk Officer Report, id. ¶ 54; AML and OFAC Compliance Risk Assessment, id. ¶ 58; Anti-Money Laundering (AML) Assessment, id. ¶ 64; and Independent Compliance Transaction Testing Program Update, id.
8 movements and discussed BSA/AML compliance issues during their committee
meetings. 18
Capital One performed periodic internal audits of its risk compliance
programs, the results of which were reported to the Audit and Risk Committee, and
after May 2013, to the Audit Committee. In a July 2013 report to the Audit
Committee, the internal auditors rated Capital One’s AML program as “Needs
Strengthening;”19 in two later audits, covering the first and fourth quarters of 2014,
the auditors rated the Company’s AML program as “Inadequate.” 20
E. Capital One Becomes the Subject of Regulatory Investigations and Decides to Exit the Check Cashing Business
On December 3, 2013, Capital One received a grand jury subpoena from the
New York District Attorney requesting information concerning the Company’s
AML controls and check cashing clients. It was reported to the Audit Committee
the next month, on January 23, 2014, that “management has decided to exit the
business of banking check cashers” in parallel with the “ongoing investigation into
potential violations of anti-money laundering laws by several of the company’s
18 See id. ¶¶ 59, 60, 65, 67. 19 Id. ¶ 67. 20 Id. ¶¶ 73, 80.
9 commercial clients.” 21 Later in 2014, Capital One received another four grand jury
subpoenas from the New York District Attorney requesting additional information
concerning the Company’s AML controls and check cashing clients.22
On February 6, 2015, Capital One received a grand jury subpoena from the
United States Department of Justice requesting, among other things, all documents
previously produced in response to the New York District Attorney’s subpoenas,
Capital One’s BSA/AML policies and procedures, related board and committee
meeting minutes, compliance audits and testing reports, and details on specific
customers and clients. 23
On July 10, 2015, Capital One consented to the entry of an order issued by
the Office of the Comptroller of Currency (“OCC”) concerning the Company’s
BSA/AML controls (the “Consent Order”). 24 In the Consent Order, the OCC
found that Capital One had “failed to adopt and implement a compliance program
that adequately covers the required BSA/AML program elements due to an
21 Id. ¶ 70 (quoting Capital One’s Compliance Report for the Fourth Quarter of 2013 dated January 23, 2014). 22 Id. ¶¶ 75, 79. 23 Id. ¶ 81. 24 Id. ¶ 8. The stipulation documenting Capital One’s consent reflects that it did so “without admitting or denying any wrongdoing.” Bennett Aff. Ex. 12 (Stipulation and Consent to the Issuance of a Consent Order) at 2.
10 inadequate system of internal controls and ineffective independent testing.” 25 The
OCC thus ordered Capital One to adopt a series of remedial actions. The OCC
proceeding against Capital One has concluded, but the investigations of the New
York District Attorney and the Department of Justice remain open, along with
another investigation by the FinCEN. These investigations pertain to “certain
check casher clients of the Commercial Banking business and Capital One’s anti-
money laundering (“AML”) program.” 26
F. Procedural History
On November 10, 2015, after obtaining books and records from the
Company under 8 Del. C. § 220, plaintiff filed the Complaint, which asserts two
derivative claims on behalf of Capital One. Count I asserts an oversight claim for
breach of the fiduciary duty of loyalty against all defendants. Count II asserts a
claim of unjust enrichment against all defendants concerning their receipt of
compensation and director remuneration.
On January 29, 2016, defendants filed a motion (1) to dismiss the Complaint
under Court of Chancery Rule 23.1 for failure to make a pre-suit demand and
under Court of Chancery Rule 12(b)(6) for failure to state a claim upon which 25 Compl. ¶ 83 (quoting Consent Order). 26 Id. ¶ 85 (quoting the Company’s Quarterly Report on Form 10-Q filed with the SEC on August 3, 2015).
11 relief can be granted, and (2) in the alternative, to stay the action pending the
resolution of the ongoing regulatory investigations.
II. ANALYSIS
For the reasons explained below, I conclude that demand was not excused
under Rule 23.1 for either of the claims asserted in the Complaint. Accordingly, I
do not reach defendants’ arguments under Rule 12(b)(6) or for a stay.
A. Legal Standards
1. Pleading Principles under Rule 23.1
Under Court of Chancery Rule 23.1, a plaintiff in a derivative action must
“allege with particularity the efforts, if any, made by the plaintiff to obtain the
action the plaintiff desires from the directors or comparable authority and the
reasons for the plaintiff’s failure to obtain the action or for not making the
effort.”27 The rationale behind this rule is that “directors are entitled to a
presumption that they were faithful to their fiduciary duties,” and it is the
plaintiff’s burden to overcome that presumption in the context of a pre-suit
demand. 28
27 Ch. Ct. R. 23.1(a). 28 Beam ex rel. Martha Stewart Living Omnimedia, Inc. v. Stewart, 845 A.2d 1040, 1048- 49 (Del. 2004).
12 “On a motion to dismiss pursuant to Rule 23.1, the Court considers the same
documents, similarly accepts well-pled allegations as true, and makes reasonable
inferences in favor of the plaintiff—all as it does in considering a motion to
dismiss under Rule 12(b)(6).”29 Additionally, where a complaint quotes or
characterizes some parts of a document but omits other parts of the same
document, the Court may apply the incorporation-by-reference doctrine to guard
against the cherry-picking of words in the document out of context.
Under the incorporation-by-reference doctrine, “[a] plaintiff may not
reference certain documents outside the complaint and at the same time prevent the
court from considering those documents’ actual terms.” 30 Vice Chancellor Laster
recently provided the following helpful summary of the doctrine:
The incorporation-by-reference doctrine permits a court to review the actual document to ensure that the plaintiff has not misrepresented its contents and that any inference the plaintiff seeks to have drawn is a reasonable one. The doctrine limits the ability of the plaintiff to take language out of context, because the defendants can point the court to the entire document. The doctrine also enables courts to dispose of meritless complaints at the pleading stage. Without the ability to consider the document at issue in its entirety, complaints that quoted only selected and misleading portions of such documents could not be dismissed under Rule 12(b)(6) even though they would be doomed to failure. With the incorporation-by-reference doctrine, a complaint may, despite allegations to the contrary, be dismissed where the
29 Beam ex rel. Martha Stewart Living Omnimedia, Inc. v. Stewart, 833 A.2d 961, 976 (Del. Ch. 2003), aff’d, 845 A.2d 1040 (Del. 2004). 30 Winshall v. Viacom Int’l, Inc., 76 A.3d 808, 818 (Del. 2013).
13 unambiguous language of documents upon which the claims are based contradict the complaint’s allegations. Likewise, a claim may be dismissed if allegations in the complaint or in the exhibits incorporated into the complaint effectively negate the claim as a matter of law.31
The Complaint here extensively cites to and quotes from documents plaintiff
obtained from the Company through a books and records inspection demand under
8 Del. C. § 220. Accordingly, I may apply the incorporation-by-reference doctrine
with respect to the documents referenced in the Complaint in evaluating the
sufficiency of the Complaint’s allegations to demonstrate demand futility.
2. The Demand Futility Standard
Under Delaware law, the Court applies one of two tests to determine
whether a plaintiff’s demand upon the board would be futile. The first test,
established in Aronson v. Lewis, applies when a plaintiff is challenging a decision
of the board of directors.32 The second test, established in Rales v. Blasband,33
applies when the derivative action is based on a board’s inaction or a violation of
31 Amalgamated Bank v. Yahoo! Inc., 132 A.3d 752, 797 (Del. Ch. 2016) (internal citations and quotations omitted). 32 Aronson v. Lewis, 473 A.2d 805, 814 (Del. 1984), overruled on other grounds by Brehm v. Eisner, 746 A.2d 244 (Del. 2000). 33 634 A.2d 927 (Del. 1993).
14 the board’s oversight duties. 34 Because plaintiff’s claims in this action are
predicated upon an alleged failure of the board to act, the Rales test applies.35
Under the Rales test, the Court “must determine whether or not the
particularized factual allegations of a derivative stockholder complaint create a
reasonable doubt that, as of the time the complaint is filed, the board of directors
could have properly exercised its independent and disinterested business judgment
in responding to a demand.”36 A reasonable doubt as to the board’s independence
and disinterestedness exists when plaintiff’s demand exposes a majority of the
board of directors to “a substantial likelihood” of personal liability. 37 “[T]he mere
threat of personal liability . . . is insufficient;”38 rather, the complained-of conduct
must “be ‘so egregious on its face’ that the board could not have exercised its
34 See Wood v. Baum, 953 A.2d 136, 140 (Del. 2008) (“The [Rales] test applies where the subject of a derivative suit is not a business decision of the Board but rather a violation of the Board’s oversight duties.”). 35 Whether the Rales test or the Aronson test applies ultimately makes no substantive difference in my view because “the Rales test, in reality, folds the two-pronged Aronson test into one broader examination.” See Teamsters Union 25 Health Servs. & Ins. Plan v. Baiera, 119 A.3d 44, 67 n.131 (Del. Ch. 2015) (internal quotation omitted). 36 Rales, 634 A.2d at 934. 37 Id. at 936 (quoting Aronson, 473 A.2d at 815). 38 Aronson, 473 A.2d at 815.
15 business judgment in responding to a stockholder demand to pursue those
claims.” 39 Courts assess demand futility on a claim-by-claim basis. 40
B. Demand Is Not Excused for the Caremark Claim
In Count I of the Complaint, plaintiff asserts that defendants breached their
fiduciary duty of loyalty as members of Capital One’s board by “purposefully,
knowingly, or recklessly causing or allowing the Company to violate the
BSA/AML, as well as other applicable law.” 41 Plaintiff further asserts that demand
would be futile as to Count I because all ten defendants, including the nine outside
directors whose independence is unquestioned, have a disqualifying interest in
deciding whether the Company should pursue this claim because they each
allegedly “face a substantial likelihood of liability for such breach.”42 This is a
quintessential Caremark oversight claim. 43
39 Melbourne Municipal Firefighters’ Pension Trust Fund v. Jacobs, 2016 WL 4076369, at *6 (Del. Ch. Aug. 1, 2016) (citing Aronson, 473 A.2d at 815). 40 MCG Capital Corp. v. Maginn, 2010 WL 1782271, at *18 (Del. Ch. May 5, 2010) (“Demand futility must be determined on a claim-by-claim basis.”). 41 Compl. ¶¶ 105-6. The Complaint does not allege that defendants breached their duty of care. The defendants would be exculpated from such a claim in any event under Capital One’s Restated Certificate of Incorporation, which contains a Section 102(b)(7) provision. See Defs.’ Op. Br. 17. 42 Compl. ¶¶ 96, 98, 100, 102. 43 Although the Complaint and plaintiff’s answering brief assert that Capital One’s Code of Conduct and Code of Ethics impose additional duties on all defendants, and that Capital One’s charter imposes additional oversight duties on those defendants who served 16 1. The Caremark Liability Standard
In 1996, Chancellor Allen famously reviewed the duties of directors to
monitor corporate operations in Caremark, where it had been alleged that the
company’s “directors allowed a situation to develop and continue which exposed
the corporation to enormous legal liability.” 44 Commenting that the theory “is
possibly the most difficult theory in corporation law upon which a plaintiff might
hope to win a judgment,” 45 the Chancellor opined that to demonstrate that the
directors had breached a fiduciary duty by failing to adequately control the
company’s employees, “plaintiffs would have to show either (1) that the directors
knew or (2) should have known that violations of law were occurring and, in either
event, (3) that the directors took no steps in a good faith effort to prevent or
remedy that situation, and (4) that such failure proximately resulted in the losses
complained of.”46
on the Audit and Risk Committee or its successor committees, plaintiff has not sought relief based on those provisions. See Compl. ¶¶ 28-31, 103-112; Pl.’s Ans. Br. 39-40. 44 In re Caremark Int’l Inc. Derivative Litigation, 698 A.2d 959, 967 (Del. Ch. 1996). 45 Id. 46 Id. at 971. Chancellor Allen appeared to conceive of the claim as implicating the duty of care. The Delaware Supreme Court later clarified that the obligation to act in good faith, which was central to Caremark’s formulation of the standard for oversight liability, is a component of the duty of loyalty. Stone, 911 A.2d at 370.
17 Ten years later, the Delaware Supreme Court explained in Disney that
“intentional dereliction of duty” or “a conscious disregard for one’s
responsibilities,” which “is more culpable than simple inattention or failure to be
informed of all facts material to the decision,” falls within the ambit of fiduciary
misconduct that would violate the obligation to act in good faith. 47 Later that year,
in Stone v. Ritter, the Delaware Supreme Court embraced the Caremark framework
for director oversight liability and clarified, consistent with its decision in Disney,
that to impose personal liability on a director for a failure of oversight requires
evidence that “the directors knew that they were not discharging their fiduciary
obligations.”48
Caremark articulates the necessary conditions predicate for director oversight liability: (a) the directors utterly failed to implement any reporting or information system or controls; or (b) having implemented such a system or controls, consciously failed to monitor or oversee its operations thus disabling themselves from being informed of risks or problems requiring their attention. In either case, imposition of liability requires a showing that the directors knew that they were not discharging their fiduciary obligations. Where directors fail to act in the face of a known duty to act, thereby demonstrating a conscious disregard for their responsibilities, they breach their duty of loyalty by failing to discharge that fiduciary obligation in good faith. 49
47 In re Walt Disney Co. Deriv. Litig., 906 A.2d 27, 66 (Del. 2006). 48 Stone, 911 A.2d at 370. 49 Id.
18 The need to demonstrate scienter to establish liability under an oversight
theory follows not only from Caremark itself, but from the existence of charter
provisions exculpating directors from liability for breaches of the duty of care that
have become ubiquitous in corporate America. As then-Vice Chancellor Strine
explained in the Massey case:
The Massey charter also includes an exculpatory charter provision insulating the directors from claims of even gross negligence. As a result, in order to receive a monetary judgment against the Massey directors and officers, the plaintiffs will have to prove that the directors and officers acted with scienter. That reality also exists because of the Caremark decision itself, which our Supreme Court has embraced as setting the liability standard in this context. The Caremark liability standard is a high one, and requires proof that a director acted inconsistent with his fiduciary duties and, most importantly, that the director knew he was so acting. For obvious reasons, the motive of independent directors to put profits ahead of compliance with the law is weaker than for managers and thus the challenge for a plaintiff to convince a fact-finder of any specific independent director’s culpability has to be regarded as at best difficult.50
Because “directors’ good faith exercise of oversight responsibility may not
invariably prevent employees from violating criminal laws, or from causing the
corporation to incur significant financial liability, or both,”51 a plaintiff asserting a
Caremark oversight claim must plead with particularity “a sufficient connection
50 In re Massey Energy Co., 2011 WL 2176479, at *22 (Del. Ch. May 31, 2011). 51 Stone, 911 A.2d at 373.
19 between the corporate trauma and the board.”52 To establish such a connection, a
plaintiff may plead that the board knew of evidence of corporate misconduct—the
proverbial “red flag”—yet acted in bad faith by consciously disregarding its duty
to address that misconduct. 53
In applying the Caremark theory of liability, even in the face of alleged red
flags, this Court has been careful to distinguish between failing to fulfill one’s
oversight obligations with respect to fraudulent or criminal conduct as opposed to
monitoring the business risk of the enterprise:
There are significant differences between failing to oversee employee fraudulent or criminal conduct and failing to recognize the extent of a Company’s business risk. Directors should, indeed must under Delaware law, ensure that reasonable information and reporting systems exist that would put them on notice of fraudulent or criminal conduct within the company. Such oversight programs allow directors to intervene and prevent frauds or other wrongdoing that could expose the company to risk of loss as a result of such conduct.54
As this Court stated more recently, “imposing Caremark-type duties on directors to
monitor business risk is fundamentally different from imposing on directors a duty
to monitor fraud and illegal activity.” 55
52 Louisiana Mun. Police Empls.’ Ret. Sys. v. Pyott, 46 A.3d 313, 340 (Del. Ch. 2012), rev’d on other grounds, 74 A.3d 612 (Del. 2013). 53 Id. at 341. 54 In re Citigroup Inc. S’holder Deriv. Litig., 964 A.2d 106, 131 (Del. Ch. 2009). 55 In re The Goldman Sachs Group, Inc. S’holder Litig., 2011 WL 4826104, at *22 (Del. Ch. Oct. 12, 2011) (internal quotation omitted). 20 2. The Complaint Fails to Plead Particularized Facts from Which it Reasonably May be Inferred that Defendants Acted in Bad Faith
In this case, plaintiff does not contend that Capital One’s directors failed to
implement any reporting or information systems or controls with respect to
BSA/AML compliance. 56 Plaintiff would be hard-pressed to advance such an
argument given the numerous documents he obtained from the Company through
his Section 220 demand that show the opposite. Those documents, which are
referenced throughout the Complaint, show that the members of the Audit and Risk
Committee and its successor committees received at least twenty-five reports on a
regular basis during the three-and-a-half-year period in question (June 2011 to
January 2015) explaining the Company’s AML risk exposure and detailing
management’s plans to address the exposure,57 and that similar reports also were
provided to the full board periodically. 58
Plaintiff instead contends that the Capital One board consciously failed to
act after learning about “evidence of illegality.” 59 More specifically, plaintiff
contends that, despite the Company’s statutory obligation to maintain BSA/AML
56 Pl.’s Ans. Br. 32-33. 57 See Compl. ¶¶ 51-68, 70-71, 73-74, 76-77, 80 (describing over twenty-five reports provided to the Audit and Risk Committee and its successor committees). 58 Id. ¶¶ 72, 78. 59 Pl.’s Ans. Br. 31 (internal quotation omitted).
21 controls and procedures, its directors consciously ignored “numerous red flags
demonstrating the statutory inadequacy of those control and procedures.”60 The
gravamen of the Complaint is that these alleged inadequacies concerned the
Company’s provision of banking services to check cashing businesses, which
exposed Capital One to liability for money-laundering activities they committed.61
Plaintiff does not identify a key event or particular document allegedly
constituting a red flag, but instead advances a much more diffuse theory.
Specifically, plaintiff contends that the numerous reports that were provided
regularly to the Capital One directors from June 2011 to January 2015 constituted a
series of red flags that should have triggered a duty for the board to act.62
According to plaintiff, armed with the information in these reports, the board
should have intervened and independently conducted “some type of compliance
check” at some point during this three-and-a-half-year period, 63 and the board’s
failure to do so justifies a reasonable inference that the defendants “conscious[ly]
60 Id. 33-34. 61 See Compl. ¶¶ 2-3, 5-6, 105-6. 62 Tr. Oral Arg. at 23. 63 Tr. Oral Arg. at 30.
22 disregard[ed] . . . their duty to implement internal controls required by BSA/AML
regulations” and therefore breached their fiduciary duty of loyalty. 64
When pressed to be more specific, plaintiff identified five reports, one for
each year from 2011 to 2015, as his “best” evidence of red flags.65 Using that
framework, I next review the allegations in the Complaint concerning these five
reports along with other statements in them and from other reports referenced in
the Complaint that I may consider under the incorporation-by-reference doctrine.66
In conducting this review, I do not rely on the truth of the matters asserted in the
reports that are not repeated in the Complaint, but I consider those parts for the
purpose of assessing what information was made available to the directors, which
speaks to the directors’ states of mind and bears on whether it would be reasonable
to infer that they intentionally disregarded their fiduciary duties in bad faith—the
core inquiry in a Caremark oversight claim. 67
64 Pl.’s Ans. Br. 28. 65 Tr. Oral Arg. at 23. 66 See supra Part II.A.1. 67 See Vanderbilt Income and Growth Assocs., L.L.C. v. Arvida/JMB Managers, Inc., 691 A.2d 609, 613 (Del. 1996) (“The exceptions to the general Rule 12(b)(6) prohibition against considering documents outside of the pleadings are usually limited to two situations. The first exception is when the document is integral to a plaintiff’s claim and incorporated into the complaint. The second exception is when the document is not being relied upon to prove the truth of its contents.”) (internal quotation omitted).
23 For 2011, plaintiff referred to the Audit and Risk Committee’s “1Q 2011
Enterprise State of Compliance” report dated June 2011.68 The Complaint alleges
this report:
. . . shows high quantity of AML risk, high future risk, and poor and worsening quality of AML risk management. It also shows the high quantity of risk and future risk as unchanged, implying that the Audit and Risk Committee Defendants had been aware of these risk levels before the first quarter of 2011. The high quantity of AML risk shown in the report was attributed specifically to “high risk products and services, a large branch network located in high intensity drug trafficking and metropolitan areas, and a high risk customer base that includes most large New York check cashing businesses.” The poor and worsening quality of AML risk management was attributed to “operational process breakdowns.”69
Other parts of the same report stated that: “Net AML Risk remained low, trending
steady during the quarter. . . . AML Compliance is engaged in all projects to ensure
compensating controls are in place. . . . Remediation is underway. . . . AML and
Fraud working to deliver enhanced fraud monitoring of ACH payments which will
decrease risk.”70
68 Tr. Oral Arg. at 24. 69 Compl. ¶ 51. 70 Shauger Aff. Ex. H (1Q 2011 Enterprise State of Compliance report to the Audit and Risk Committee, dated June 2011) at CONADEL0001187.
24 For 2012, plaintiff pointed to the Audit and Risk Committee’s “1Q 2012
Enterprise State of Compliance” report dated June 5, 2012. 71 The Complaint
alleges that this report:
. . . highlighted the Company’s “At Risk” and “Worsening” AML internal control environment. The report stated that “Enterprise Net Risk has been downgraded” and described AML “Inherent Risk” as “High,” due to “high risk products and services, large branch network located in high intensity drug trafficking and metropolitan areas, high risk customer base that includes most large New York check cashing businesses,” AML “Governance & Control” as “At Risk,” and the “Future Trend” as “Worsening.” The report further stated that in March over 10% of AML controls were “operating ineffectively,” and suffered from “elongated time to resolve exceptions,” specifically including AML-critical CIP exceptions.72
Other parts of the same report stated that the “Medium” risk rating was partially
due to “inadequate control environment in Canada . . . and the anticipated
complexities of integrating HSBC and ING” 73 and listed a series of “[a]ctions
needed to get back into stated [risk] appetite.”74 In other words, management had
identified to the Audit and Risk Committee the actions they believed necessary to
achieve the Company’s compliance goal.
71 Tr. Oral Arg. at 26. 72 Compl. ¶ 55. 73 Shauger Aff. Ex. F (1Q 2012 Enterprise State of Compliance report to the Audit and Risk Committee, dated June 5, 2012) at CONADEL0001528. 74 Id.
25 Additionally, a memo from the Chief Compliance Officer to the Audit and
Risk Committee from the month before stated that management was preparing a
detailed assessment of the AML program deficiencies noted in a recent regulatory
action against Citibank to make sure Capital One’s own program was adequate.75
A few months later, in October 2012, the Chief Compliance Officer reported to the
Audit and Risk Committee in another memo that: “We are watching several trends
that may impact our risk profile and compel us to modify our approach or control
environment. The most significant issue arises from recent enforcement orders
against financial institutions in their AML and OFAC Programs and the shift the
OCC will take in examining our Program.” 76 That same month, the Audit and Risk
Committee recommended to the board certain revisions to the Company’s AML
policy. 77
For 2013, plaintiff focused on the Audit and Risk Committee’s “Enterprise
Risk Profile: Summary Report” dated February 12, 2013.78 The Complaint alleges
. . . provided the Audit and Risk Committee Defendants with additional warnings about the Company’s “High” AML compliance
75 Shauger Aff. Ex. C (memo re May 2012 Compliance Risk Update, dated May 7, 2012) at CONADEL0001469. 76 Shauger Aff. Ex. B (memo re 2012 AML and OFAC Compliance Risk Assessment, dated October 22, 2012) at CONADEL0002458. 77 Tr. Oral Arg. at 31.
26 risk. The report warned that “[f]ailing to mitigate [this] risk[] could result in non-compliance with applicable requirements and, in a worst case scenario, fines and reputational exposure similar to those incurred under recent consent orders.” The report further described AML as the “Top Risk” and described how “based on recent enforcement actions left unchecked the consequences of unmanaged risks in this area could result in violations of law.”79
Another part of the same report reiterated the regulatory actions that had been
taken against other financial institutions and the inherent risk posed by money
laundering activity: “While the corporate AML program is sound, regulatory
actions at other financial institutions have been well publicized. Inherently, money
laundering, terrorist financing, and economic sanctions remain a top risk for
financial institutions. Management is proactively ensuring the corporate AML
program is strengthened to meet evolving expectations.” 80 A second presentation
provided to the Audit and Risk Committee on the same date elaborated on
management’s initiatives to address the Company’s AML risk:
Management is taking action to put remediation plans and dates in place. Focus is on establishing the correct governance in Enterprise Payments to address cash handling policy and operational needs, continued build of AML Model Governance processes, and moving/revising first line of defense controls for CIP.81 78 Tr. Oral Arg. at 26. 79 Compl. ¶ 62. 80 Shauger Aff. Ex. M (Enterprise Risk Profile report to the Audit and Risk Committee, dated February 12, 2013) at CONADEL0000656. 81 Shauger Aff. Ex. N (Q4 2012 Enterprise State of Compliance report to the Audit and Risk Committee, dated February 12, 2013) at CONADEL0000757.
27 According to the Complaint, yet another report provided to the Audit
Committee on October 24, 2013, “seemed to spark in earnest the Board’s reactive
mad dash efforts—ultimately far too little too late—to rectify Capital One’s
critically deficient AML controls.”82 In an unusual twist, plaintiff’s counsel
disclaimed this exculpatory allegation of his own Complaint, which is repeated
elsewhere in the Complaint,83 as not “well-pled.”84
A few months later, in a compliance report for the fourth quarter of 2013
dated January 23, 2014, the members of the Audit Committee were informed that
management had decided to exit the business of serving check cashers “in parallel”
with an investigation of potential violations of anti-money laundering laws that
was being conducted of several of the Company’s clients. 85 A memorandum sent
to the members of the Audit and Risk Committee on the same day further
explained that management’s decision to exit the check cashing business was
expected to be executed in 2014, and that Capital One’s “AML Compliance
Program is operating within tolerance” outside of the “Check Casher Group:”
82 Compl. ¶ 68. 83 See id. ¶ 70. 84 Tr. Oral Arg. at 46. 85 Compl. ¶ 70.
28 • Management has decided to exit the Check Cashing business and a plan is underway to execute this decision throughout 2014. AML is closely monitoring these account relationships and performing additional due diligence as they wind down.
• With the exception of the Check Casher Group, the core AML Compliance Management Program is operating with tolerance; however, AML inherently remains a top risk to the company. 86
For 2014, plaintiff relied on the Audit Committee’s “Corporate Audit &
Security Services First Quarter 2014” report dated April 25, 2014. 87 The
Complaint alleges that this report:
. . . described Capital One’s internal audit findings. Far from showing improvement following the stark warnings received by the Individual Defendants in the preceding months, the Company’s “High” risk AML Compliance Risk Management program was rated “Inadequate,” the worst possible rating. This would begin a series of internal reports showing that in the face of extreme risk and regulatory scrutiny, the Individual Defendants continued to fail improving Capital One’s AML controls to an acceptable level. The report cites a need for robust procedures, well-trained associates, and a strong management review function to comply with FinCEN and bank regulators’ expectations. It also identified other key issues of concern, including inconsistencies in investigation and narrative preparation related to alerted transactions, lack of associate training, and a weak management review process that failed to make robust notations, pose questions, or challenge conclusions.88
86 Bennett Aff. Ex. 5 (memo re 2013 AML and OFAC Compliance Risk Assessment, dated January 23, 2014) at CONADEL0000903. 87 Tr. Oral Arg. at 28. 88 Compl. ¶ 73.
29 Other parts of the same report stated that the audit department concluded that
Capital One’s “Bank Secrecy Act Operations Procedures are quite detailed,” that
the “unplanned use of consultants in the compliance area required to support one-
time efforts related to enhancing the BSA/AML risk assessment methodology and
audit program” had caused the department to go over budget, and that the
department’s contractor usage “is primarily driven by additional projects
supporting the compliance audit team in areas including quality assurance and
enhancements of the BSA/AML risk assessment process.” 89
In a memo to the Audit Committee for the next quarter, the Chief
Compliance Officer reported that the Company had launched a comprehensive
initiative to improve its AML compliance program:
AML remains a top compliance risk for the company, primarily due to heightened regulatory expectations; high alert volumes; a need to enhance AML controls and strengthen the AML organization; and an ongoing law enforcement investigation into alleged criminal activity by certain of the company’s commercial clients.
*****
In coordination, the Chief Risk Officer, the Chief Compliance Officer and the new Chief AML Officer have launched a comprehensive initiative to improve our enterprise AML compliance program, including all core controls, processes, and policies.90 89 Shauger Aff. Ex. S (Corporate Audit & Security Services First Quarter 2014 Audit Committee Report, dated April 25, 2014) at CONADEL0001062, CONADEL0001069. 90 Shauger Aff. Ex. V (memo re Quarterly Compliance Report for the Second Quarter of 2014, dated July 24, 2014) at CONADEL0001276.
30 The fifth and final report plaintiff identified as his best evidence of red flags
is the Audit Committee’s “Corporate Audit & Security Services Fourth Quarter
2014” report dated January 22, 2015.91 The Complaint discusses two statements in
this report: that it “confirmed the Company’s AML Program was still rated ‘At
Risk’ and described as ‘Inadequate,’” and that it “reported on ‘risk management
and control issues,’ warning ‘significant effort remains to enhance the overall
AML [Compliance Management Program].’” 92 But the report also said the
following:
Management is in the process of addressing ineffective model governance practices. . . . The Model Risk Office issued an AML Notice, . . . , which requires high risk AML models to be compliant with the Model Policy by April 2015, while medium and low risk AML models are expected to be fully compliant by October 2015. . . . Management self-identified the need to ensure a uniform and coordinated approach to referring fraud cases for potential SAR and STR reporting. . . . Prior to the conclusion of this audit, management established a dedicated workstream in the AML Strategic Plan to address this concern by December 31, 2014. 93
Additionally, in a section entitled “AML Strategic Plan,” the report included the
observations that “[w]here specific needs have been identified, the [AML
91 Tr. Oral Arg. at 29. 92 Compl. ¶ 80. 93 Bennett Aff. Ex. 6 (Corporate Audit & Security Services Fourth Quarter 2014 Audit Committee Report, dated January 22, 2015) at CONADEL0002577, CONADEL0002582.
31 compliance program] has elevated recruiting activities to support delivery
commitments” and that “[d]uring the fourth quarter, management made a
deliberate decision to focus efforts on completing deliverable commitments.” 94
To summarize, the five reports plaintiff identified as his best evidence of red
flags show that Capital One’s directors were made aware that (1) the Company’s
assessment of its AML compliance risk had escalated from “low” in the first
quarter of 2011,95 to “medium” in the first quarter of 2012,96 and then to “high” as
of February 2013,97 (2) that management had decided to exit the business of
serving check cashers by January 2014, and (3) that the Company’s AML risk
exposure remained high in 2014 as it implemented its plan to exit the check
cashing business.98 None of these reports, however, states that the Company’s
94 Defs.’ Reply Br. Ex. B (Corporate Audit & Security Services Fourth Quarter 2014 Audit Committee Report, dated January 22, 2015) at CONADEL0002576. 95 Shauger Aff. Ex. H (1Q 2011 Enterprise State of Compliance report to the Audit and Risk Committee, dated June 2011) at CONADEL0001187. 96 Shauger Aff. Ex. F (1Q 2012 Enterprise State of Compliance report to the Audit and Risk Committee, dated June 5, 2012) at CONADEL0001528. 97 Shauger Aff. Ex. M (Enterprise Risk Profile report to the Audit and Risk Committee, dated February 12, 2013) at CONADEL0000675; see also id. Ex. N (Q4 2012 Enterprise State of Compliance report to the Audit and Risk Committee, dated February 12, 2013) at CONADEL0000757. 98 See Shauger Aff. Ex. S (Corporate Audit & Security Services First Quarter 2014 Audit Committee Report, dated April 25, 2014) at CONADL0001062; Bennett Aff. Ex. 6 (Corporate Audit & Security Services Fourth Quarter 2014 Audit Committee Report, dated January 22, 2015) at CONADEL0002577.
32 BSA/AML controls and procedures actually had been found to violate statutory
requirements at any time or that anyone within Capital One had engaged in
fraudulent or criminal conduct. In other words, the core factual allegations of the
Complaint do not amount to red flags of illegal conduct.99
Giving plaintiff all reasonable inferences, the allegations of the Complaint
plead at most flags of a different hue, namely yellow flags of caution concerning
the Company’s escalating AML compliance risk that was occurring in tandem with
heightened regulatory scrutiny of AML compliance in the financial services
industry. The escalation occurred over a two-year period and led to management’s
decision less than one year later to exit the business of serving check cashers,
which was the root cause of Capital One’s AML compliance exposure according to
the Complaint. Significantly, the reports the directors received did not place them
on notice that management had refused to act or displayed an indifference to
complying with the BSA/AML. To the contrary, the same reports that described
the Company’s heightened compliance risk simultaneously explained to the
directors in considerable detail on a regular basis the initiatives management was
taking to address those problems and to ameliorate the AML compliance risk.
99 Although the OCC found in July 2015 “regulatory deficiencies in [Capital One’s] AML program emanating from [its] former Check Cashing Group within the Commercial Banking business,” Compl. ¶ 83, this event occurred in July 2015 after the Company had decided to exit the check cashing business, which explains why plaintiff does not view that event to have been a red flag. Tr. Oral Arg. at 33-34.
33 Thus the factual context here is fundamentally inconsistent with the inference
plaintiff asks the Court to draw—that the directors must have known they were
breaching their fiduciary duties by tolerating a climate in which the Company was
operating part of its business in defiance of the law.
The factual allegations of this case stand in stark contrast to the two key
authorities on which plaintiff relies: this Court’s decisions in the Massey and Pyott
cases. In Massey, the company “had pled guilty to criminal charges, had suffered
other serious judgments and settlements as a result of violations of law, had been
caught trying to hide violations of law and suppress material evidence, and had
miners suffer death and serious injuries at its facilities.”100 Based on these and
other “objective facts” of the company’s record as a “recidivist” law-breaker, the
Court found it was reasonably inferable “that the Board and management were
aware of a troubling continuing pattern of non-compliance in fact and of a
managerial attitude suggestive of a desire to fight with and hide evidence from the
company’s regulators,” and thus opined that a viable Caremark claim likely had
been pled. 101
In Pyott, plaintiff’s particularized allegations allowed the Court to draw an
inference that the Allergen board “knowingly approved and subsequently oversaw
100 Massey, 2011 WL 2176479, at *20. 101 Id. at *20-21.
34 a business plan that required illegal off-label marketing and support initiatives for
Botox.”102 In other words, Pyott involved the board’s “knowing use of illegal
means to pursue profit”103 in contravention of the common sense principle that “a
fiduciary of a Delaware corporation cannot be loyal to a Delaware corporation by
knowingly causing it to seek profits by violating the law.” 104
Unlike in Massey and Pyott, plaintiff does not contend, and the pled facts
would not warrant the inference, that Capital One’s management embraced a
strategy to pursue profits by employing illegal means, much less that its directors
were knowingly complicit in such a strategy. To the contrary, the Complaint’s
allegations evidence that Capital One’s management made efforts to cope with
tightening regulations and more aggressive AML enforcement actions, and
regularly kept the directors informed of those efforts along the way. Those efforts
included designation of a new Chief AML Officer, monthly training, quarterly
internal audits, other initiatives taken in response to the changing regulatory
102 Pyott, 46 A.3d at 356. 103 Id. at 352. 104 Id.
35 landscape,105 and ultimately, the decision to exit altogether the check cashing
business that presented the most acute BSA/AML challenges. 106
As discussed previously, the Delaware Supreme Court made clear a decade
ago that directors can be found liable for a Caremark oversight claim only if they
fail to discharge their fiduciary duties in good faith, meaning that “the directors
knew that they were not discharging their fiduciary obligations.” 107 “Good faith,
not a good result, is what is required of the board.”108 As our Supreme Court
explained more recently in Lyondell Chemical Co. v. Ryan, “there is a vast
difference between an inadequate or flawed effort to carry out fiduciary duties and
a conscious disregard for those duties.” 109
Here, the allegations of the Complaint and the documents incorporated
therein would allow reasonable minds to argue either side of a debate over whether
the directors’ oversight of the Company’s BSA/AML compliance program was
sufficiently robust or flawed. But what those allegations do not reasonably permit
105 Shauger Aff. Ex. Q (Anti-Money Laundering (AML) Assessment report to the Audit and Risk Committee, dated February 12, 2013) at CONADEL0000762. 106 Bennett Aff. Ex. 5 (memo re 2013 AML and OFAC Compliance Risk Assessment, dated January 23, 2014) at CONADEL0000903. 107 Stone, 911 A.2d at 370. 108 In re The Goldman Sachs Group, Inc. S’holder Litig., 2011 WL 4826104, at *23. 109 Lyondell Chemical Co. v. Ryan, 970 A.2d 235, 243 (Del. 2009).
36 for the reasons explained above is an inference that the defendants consciously
allowed Capital One to violate the law so as to sustain a finding they acted in bad
faith. As such, plaintiff has failed to plead with particularity that a majority of
Capital One’s ten-member board acted in such an egregious manner that they
would face a substantial likelihood of liability for breaching their fiduciary duty of
loyalty so as to disqualify them from applying disinterested and independent
consideration to a stockholder demand. Thus, demand is not excused as to Count I.
C. Demand Is Not Excused for the Unjust Enrichment Claim
Count II of the Complaint asserts that defendants “were unjustly enriched as
a result of the compensation and director remuneration they received while
breaching fiduciary duties owed to Capital One.” 110 Plaintiff readily acknowledges
that this claim rises or falls with the viability of Count I. 111 Thus, because plaintiff
has failed to allege particularized facts to excuse his failure to make a demand
concerning Count I, it necessarily follows that demand would not have been futile
as to Count II.
III. CONCLUSION
For the foregoing reasons, plaintiff has failed to demonstrate that demand
would have been futile with respect to either of the two claims in the Complaint.
110 Compl. ¶ 110. 111 Tr. Oral Arg. at 39.
37 Accordingly, defendants’ motion to dismiss the Complaint with prejudice is
GRANTED.
IT IS SO ORDERED.